diff options
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/cpu-specific-build-macros.rst | 10 | ||||
| -rw-r--r-- | docs/firmware-design.rst | 8 | ||||
| -rw-r--r-- | docs/porting-guide.rst | 19 | ||||
| -rw-r--r-- | docs/user-guide.rst | 18 |
4 files changed, 43 insertions, 12 deletions
diff --git a/docs/cpu-specific-build-macros.rst b/docs/cpu-specific-build-macros.rst index f74b45933..014817d39 100644 --- a/docs/cpu-specific-build-macros.rst +++ b/docs/cpu-specific-build-macros.rst @@ -11,6 +11,15 @@ This document describes the various build options present in the CPU specific operations framework to enable errata workarounds and to enable optimizations for a specific CPU on a platform. +Security Vulnerability Workarounds +---------------------------------- + +ARM Trusted Firmware exports a series of build flags which control which +security vulnerability workarounds should be applied at runtime. + +- ``WORKAROUND_CVE_2017_5715``: Enables the security workaround for + `CVE-2017-5715`_. Defaults to 1. + CPU Errata Workarounds ---------------------- @@ -142,6 +151,7 @@ architecture that can be enabled by the platform as desired. *Copyright (c) 2014-2016, ARM Limited and Contributors. All rights reserved.* +.. _CVE-2017-5715: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5715 .. _Cortex-A53 MPCore Software Developers Errata Notice: http://infocenter.arm.com/help/topic/com.arm.doc.epm048406/Cortex_A53_MPCore_Software_Developers_Errata_Notice.pdf .. _Cortex-A57 MPCore Software Developers Errata Notice: http://infocenter.arm.com/help/topic/com.arm.doc.epm049219/cortex_a57_mpcore_software_developers_errata_notice.pdf .. _Cortex-A72 MPCore Software Developers Errata Notice: http://infocenter.arm.com/help/topic/com.arm.doc.epm012079/index.html diff --git a/docs/firmware-design.rst b/docs/firmware-design.rst index 27ee38b80..1f8fcc862 100644 --- a/docs/firmware-design.rst +++ b/docs/firmware-design.rst @@ -1925,9 +1925,11 @@ Firmware Image Package layout The FIP layout consists of a table of contents (ToC) followed by payload data. The ToC itself has a header followed by one or more table entries. The ToC is -terminated by an end marker entry. All ToC entries describe some payload data -that has been appended to the end of the binary package. With the information -provided in the ToC entry the corresponding payload data can be retrieved. +terminated by an end marker entry, and since the size of the ToC is 0 bytes, +the offset equals the total size of the FIP file. All ToC entries describe some +payload data that has been appended to the end of the binary package. With the +information provided in the ToC entry the corresponding payload data can be +retrieved. :: diff --git a/docs/porting-guide.rst b/docs/porting-guide.rst index 0eb4ac3ab..84bd2cd48 100644 --- a/docs/porting-guide.rst +++ b/docs/porting-guide.rst @@ -549,6 +549,22 @@ behaviour of the ``assert()`` function (for example, to save memory). doesn't print anything to the console. If ``PLAT_LOG_LEVEL_ASSERT`` isn't defined, it defaults to ``LOG_LEVEL``. +If the platform port uses the Activity Monitor Unit, the following constants +may be defined: + +- **PLAT\_AMU\_GROUP1\_COUNTERS\_MASK** + This mask reflects the set of group counters that should be enabled. The + maximum number of group 1 counters supported by AMUv1 is 16 so the mask + can be at most 0xffff. If the platform does not define this mask, no group 1 + counters are enabled. If the platform defines this mask, the following + constant needs to also be defined. + +- **PLAT\_AMU\_GROUP1\_NR\_COUNTERS** + This value is used to allocate an array to save and restore the counters + specified by ``PLAT_AMU_GROUP1_COUNTERS_MASK`` on CPU suspend. + This value should be equal to the highest bit position set in the + mask, plus 1. The maximum number of group 1 counters in AMUv1 is 16. + File : plat\_macros.S [mandatory] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -1128,6 +1144,9 @@ This function executes with the MMU and data caches enabled. It is responsible for performing any remaining platform-specific setup that can occur after the MMU and data cache have been enabled. +if support for multiple boot sources is required, it initializes the boot +sequence used by plat\_try\_next\_boot\_source(). + In ARM standard platforms, this function initializes the storage abstraction layer used to load the next bootloader image. diff --git a/docs/user-guide.rst b/docs/user-guide.rst index 274faa811..ed5ba1842 100644 --- a/docs/user-guide.rst +++ b/docs/user-guide.rst @@ -55,7 +55,7 @@ command: sudo apt-get install build-essential gcc make git libssl-dev -ARM TF has been tested with `Linaro Release 17.04`_. +ARM TF has been tested with `Linaro Release 17.10`_. Download and install the AArch32 or AArch64 little-endian GCC cross compiler. The `Linaro Release Notes`_ documents which version of the compiler to use for a @@ -1009,7 +1009,7 @@ images with support for these features: modules by checking out a recent version of the `mbed TLS Repository`_. It is important to use a version that is compatible with TF and fixes any known security vulnerabilities. See `mbed TLS Security Center`_ for more - information. The latest version of TF is tested with tag ``mbedtls-2.4.2``. + information. The latest version of TF is tested with tag ``mbedtls-2.6.0``. The ``drivers/auth/mbedtls/mbedtls_*.mk`` files contain the list of mbed TLS source files the modules depend upon. @@ -1478,10 +1478,10 @@ Running the software on FVP The latest version of the AArch64 build of ARM Trusted Firmware has been tested on the following ARM FVPs (64-bit host machine only). -NOTE: Unless otherwise stated, the model version is Version 11.1 Build 11.1.22. +NOTE: Unless otherwise stated, the model version is Version 11.2 Build 11.2.33. - ``Foundation_Platform`` -- ``FVP_Base_AEMv8A-AEMv8A`` (Version 8.7, Build 0.8.8702) +- ``FVP_Base_AEMv8A-AEMv8A`` (Version 9.0, Build 0.8.9005) - ``FVP_Base_Cortex-A35x4`` - ``FVP_Base_Cortex-A53x4`` - ``FVP_Base_Cortex-A57x4-A53x4`` @@ -1494,7 +1494,7 @@ NOTE: Unless otherwise stated, the model version is Version 11.1 Build 11.1.22. The latest version of the AArch32 build of ARM Trusted Firmware has been tested on the following ARM FVPs (64-bit host machine only). -- ``FVP_Base_AEMv8A-AEMv8A`` (Version 8.7, Build 0.8.8702) +- ``FVP_Base_AEMv8A-AEMv8A`` (Version 9.0, Build 0.8.9005) - ``FVP_Base_Cortex-A32x4`` NOTE: The build numbers quoted above are those reported by launching the FVP @@ -1871,10 +1871,10 @@ wakeup interrupt from RTC. .. _Linaro: `Linaro Release Notes`_ .. _Linaro Release: `Linaro Release Notes`_ -.. _Linaro Release Notes: https://community.arm.com/tools/dev-platforms/b/documents/posts/linaro-release-notes-deprecated -.. _Linaro Release 17.04: https://community.arm.com/tools/dev-platforms/b/documents/posts/linaro-release-notes-deprecated#LinaroRelease17.04 -.. _Linaro instructions: https://community.arm.com/dev-platforms/b/documents/posts/instructions-for-using-the-linaro-software-deliverables -.. _Instructions for using Linaro's deliverables on Juno: https://community.arm.com/dev-platforms/b/documents/posts/using-linaros-deliverables-on-juno +.. _Linaro Release Notes: https://community.arm.com/dev-platforms/w/docs/226/old-linaro-release-notes +.. _Linaro Release 17.10: https://community.arm.com/dev-platforms/w/docs/226/old-linaro-release-notes#1710 +.. _Linaro instructions: https://community.arm.com/dev-platforms/w/docs/304/linaro-software-deliverables +.. _Instructions for using Linaro's deliverables on Juno: https://community.arm.com/dev-platforms/w/docs/303/juno .. _ARM Platforms Portal: https://community.arm.com/dev-platforms/ .. _Development Studio 5 (DS-5): http://www.arm.com/products/tools/software-tools/ds-5/index.php .. _Dia: https://wiki.gnome.org/Apps/Dia/Download |